VPN and SPI
Hi,
I have set up OpenVPN on my EB810V router.
I find that it does not work. Although the VPN does connect, I find that I cannot access services on my internal network (e.g., HTTPS) when the SPI Firewall is enabled.
If I disable the SPI Firewall, the same services are accessible.
Is this a bug? Is there a workaround?
I do not feel safe leaving SPI switched off.
Thank you!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi, EB810V is your OpenVPN Server, right? do you have Archer BE800 or not?
Please let us know your network topology and which device/service you are trying to access via the VPN, like https service of the EB810v itself, or https service of a client device within the EB810v LAN network?
In addition, EB810v is an ISP model actually, did you get it from your ISP? You could refer to this guide for a try: Why can’t I access or discover certain devices over VPN?
- Copy Link
- Report Inappropriate Content
Thank you for your response.
To answer the questions:
- The EB810v is my OpenVPN Server.
- I am assuming that the EB810v is similar or the same firmware as the BE800, please correct me if wrong.
- I got the EB810v from my ISP, Starhub.
Here is a diagram of the topology with an explanation of what happens when the SPI is on and what happens when the SPI is off. In a nutshell, SPI on = does not work, SPI off = works. This should not be the case.
Thank you for your help with this.
Sunshine wrote
Hi, EB810V is your OpenVPN Server, right? do you have Archer BE800 or not?
Please let us know your network topology and which device/service you are trying to access via the VPN, like https service of the EB810v itself, or https service of a client device within the EB810v LAN network?
In addition, EB810v is an ISP model actually, did you get it from your ISP? You could refer to this guide for a try: Why can’t I access or discover certain devices over VPN?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi, since ping works fine when SFI Firewall is enabled, we could confirm that the VPN traffic is not blocked by the SPI Firewall.
Actually we've run similar tests on our end with other retailer version product and could confirm that accessing internal http/https server via VPN is working fine with SPI firewall enabled, so the issue in your case could be related to your internal servers.
Since EB810v is an ISP model, we community team don't have related information and cannot follow up, if you have any further questions, it is recommended to contact your ISP, if the issue is indeed with the product, the ISP should report to ISP models related support team.
- Copy Link
- Report Inappropriate Content
@Sunshine
I face the same issue and StarHub refers me to TP-Link. I suspect that it is either a feature that has been disabled or firmware bug. TP-LINK should have e a team handles with Starhub, can you help channel this issue to them?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 865
Replies: 5
Voters 0
No one has voted for it yet.